<?php
session_start();
include("load-settings.php");

if(!isset($_SESSION['user']))
	header("Location: login.php");

$user = mysql_real_escape_string($_SESSION['user']);
$result = mysql_query("SELECT * FROM user WHERE id = $user");
$row = mysql_fetch_array($result);

if($row['type'] != 2)
	header("Location: home.php");

$tier = mysql_real_escape_string($_POST['tier']);
$one = mysql_real_escape_string($_POST['1']);
$two = mysql_real_escape_string($_POST['2']);
$three = mysql_real_escape_string($_POST['3']);
$four = mysql_real_escape_string($_POST['4']);
$five = mysql_real_escape_string($_POST['5']);

mysql_query("UPDATE division_pricing SET price = $one WHERE tier = '$tier' AND division = 1") or die(mysql_error());
mysql_query("UPDATE division_pricing SET price = $two WHERE tier = '$tier' AND division = 2") or die(mysql_error());
mysql_query("UPDATE division_pricing SET price = $three WHERE tier = '$tier' AND division = 3") or die(mysql_error());
mysql_query("UPDATE division_pricing SET price = $four WHERE tier = '$tier' AND division = 4") or die(mysql_error());
mysql_query("UPDATE division_pricing SET price = $five WHERE tier = '$tier' AND division = 5") or die(mysql_error());

header("Location: admin-settings.php");

?>